CVE-2025-39246

Summary

There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Software

VendorProductVersion RangeStatus
HikvisionHikCentral FocSignVersions between V1.4.0 and V2.2.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References